On Mon, 24 Oct 2005, Merton Campbell Crockett wrote:
Obviously, this leads to a condition where the HTTP client needs to supply multiple credentials on every access. It is important to note that not all HTTP clients are browsers (Firefox, Internet Explorer, Netscape, Safari, etc.). Many are applications or services such as AIM, Jabber, Real Audio, etc.
It is also worth noticing that the HTTP specifications only allows for a single active authentication realm per URI, and that only a single authenitcation scheme can be used at a time.. If there is multiple challenges of the same scheme but with different reamls then the client is free to pick one (and can not pick more than one).
Regards Henrik
